Interface Role Compared to Alias

 Role defines groups of interface settings

typically together
o Avoid accidental misconfiguration
o Four types :
• WAN
• LAN
• DMZ
• Undefined (show all settings)
o Not in list of Policies

 Alias is nickname for interface

o Used in list policies to label interfaces
by purpose

15
FortiGate as a DHCP Server

16
 DHCP Server : IP Reservation
 Reservations re-assign IP Address to
the same host
o To reserve, select IP address or
choose existing DHCP lease
o Identify reservation as either :
• Regular (over Ethernet)
• Over IPSec
 FortiGate uses host’s MAC address
to look up its IP address in
reservation table
 Actions if MAC is unknown

17
Static Gateway

 Must be at least one

default gateway
 If the interface is DHCP or
PPPoE, the gateway can
be added dynamically

18
Configuration Files

 Configuration can be saved to an external device

o Optional encryption
o Can back up automatically
• Upon logout
• Not available on all models
 To restore a previous configuration, upload file
o Reboots FortiGate

19
 Upgrade

 Backup configuratio (full config backup)

 Download copy of current firmware in
case reversion is needed
 Have physical access, or terminal
server connected to local console, in
case reversion is needed
 READ RELEASE NOTES (upgrade
path, other useful information)
 Upgrade

20
Logging and Monitoring
Log Types and Subtypes

Traffic Event Security

Forward Endpoint Control Application Control

Local High Availability Antivirus

Sniffer System Data Leak Prevention (DLP)

User Anti-Spam

Router Web Filter

VPN Intrution Prevention System (IPS)

WAD Anomaly (DOS-Policy)

Wireless WAF

22
Security Events

23
Log Severty Levels

Levels Description
0 – Emergency System unstable
1 – Alert Immediate action required
2 – Critical Functionality affected
3 – Error Error exists that can affect functionality
4 – Warning Functionality could be affected
5 –Notification Information about normal events
6 – Information General system information

24
Log Storage Locations

25